SPNEGO login failed: An internal error occurred

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

SPNEGO login failed: An internal error occurred

Samba - General mailing list
Hi,

I setup a test envirement on a dedicatet server.

OS: debian stretch
samba: 4.5.8
smbclient: 4.5.8

I set it up as DC, the provision work well, yes I've delete the  
smb.conf in advance.
When I test kinit I got an kerberos ticket, but I've problems with  
smbclient either I use kerberos or password auth.

Myabee someone could help me?

my smb.conf:

# Global parameters
[global]
  netbios name = MX01
  realm = RABADANTEN.DE
  workgroup = RABADANTEN
  dns forwarder = 8.8.8.8
  server role = active directory domain controller

[netlogon]
  path = /var/lib/samba/sysvol/rabadanten.de/scripts
  read only = No

[sysvol]
  path = /var/lib/samba/sysvol
  read only = No

my krb5.conf:

[libdefaults]
  default_realm = RABADANTEN.DE
  dns_lookup_realm = false
  dns_lookup_kdc = true

when I try with 'smbclient -L localhost -UAdministrator -d3' :
<start>
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[global]"
added interface eth0 ip=2a02:248:2:32b3:5054:ff:fe80:7b7 bcast=  
netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=195.62.123.31 bcast=195.62.123.31  
netmask=255.255.255.255
Client started (version 4.5.8-Debian).
Enter Administrator's password:
resolve_lmhosts: Attempting lmhosts lookup for name localhost<0x20>
resolve_wins: WINS server resolution selected and no WINS servers listed.
resolve_hosts: Attempting host lookup for name localhost<0x20>
Connecting to ::1 at port 445
Doing spnego session setup (blob length=96)
got OID=1.2.840.48018.1.2.2
got OID=1.2.840.113554.1.2.2
got OID=1.3.6.1.4.1.311.2.2.10
got principal=not_defined_in_RFC4178@please_ignore GENSEC backend  
'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Got challenge flags:
Got NTLMSSP neg_flags=0x62898215
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x62088215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x62088215
SPNEGO login failed: An internal error occurred.
session setup failed: NT_STATUS_INTERNAL_ERROR
</stop>

with 'smbclient -L //mx01 -k -d6':

<start>
INFO: Current debug levels:
  all: 6
  tdb: 6
  printdrivers: 6
  lanman: 6
  smb: 6
  rpc_parse: 6
  rpc_srv: 6
  rpc_cli: 6
  passdb: 6
  sam: 6
  auth: 6
  winbind: 6
  vfs: 6
  idmap: 6
  quota: 6
  acls: 6
  locking: 6
  msdfs: 6
  dmapi: 6
  registry: 6
  scavenger: 6
  dns: 6
  ldb: 6
  tevent: 6
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
  all: 6
  tdb: 6
  printdrivers: 6
  lanman: 6
  smb: 6
  rpc_parse: 6
  rpc_srv: 6
  rpc_cli: 6
  passdb: 6
  sam: 6
  auth: 6
  winbind: 6
  vfs: 6
  idmap: 6
  quota: 6
  acls: 6
  locking: 6
  msdfs: 6
  dmapi: 6
  registry: 6
  scavenger: 6
  dns: 6
  ldb: 6
  tevent: 6
Processing section "[global]"
doing parameter netbios name = MX01
doing parameter realm = RABADANTEN.DE
doing parameter workgroup = RABADANTEN
doing parameter dns forwarder = 8.8.8.8
doing parameter server role = active directory domain controller
pm_process() returned Yes
added interface eth0 ip=2a02:248:2:32b3:5054:ff:fe80:7b7 bcast=  
netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=195.62.123.31 bcast=195.62.123.31  
netmask=255.255.255.255
Netbios name list:-
my_netbios_names[0]="MX01"
Client started (version 4.5.8-Debian).
Opening cache file at /var/cache/samba/gencache.tdb
Opening cache file at /var/run/samba/gencache_notrans.tdb
sitename_fetch: No stored sitename for realm 'RABADANTEN.DE'
name mx01#20 found.
Connecting to 127.0.1.1 at port 445
Socket options:
  SO_KEEPALIVE = 0
  SO_REUSEADDR = 0
  SO_BROADCAST = 0
  TCP_NODELAY = 1
  TCP_KEEPCNT = 9
  TCP_KEEPIDLE = 7200
  TCP_KEEPINTVL = 75
  IPTOS_LOWDELAY = 0
  IPTOS_THROUGHPUT = 0
  SO_REUSEPORT = 0
  SO_SNDBUF = 2626560
  SO_RCVBUF = 1061808
  SO_SNDLOWAT = 1
  SO_RCVLOWAT = 1
  SO_SNDTIMEO = 0
  SO_RCVTIMEO = 0
  TCP_QUICKACK = 1
  TCP_DEFER_ACCEPT = 0
  session request ok
Doing spnego session setup (blob length=96)
got OID=1.2.840.48018.1.2.2
got OID=1.2.840.113554.1.2.2
got OID=1.3.6.1.4.1.311.2.2.10
got principal=not_defined_in_RFC4178@please_ignore  
cli_session_setup_spnego: using target hostname not SPNEGO principal
kerberos_get_default_realm_from_ccache: Trying to read krb5 cache:  
FILE:/tmp/krb5cc_0
cli_session_setup_spnego: guessed server  
principal=cifs/[hidden email] GENSEC backend 'gssapi_spnego'  
registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gse_krb5
kerberos_get_default_realm_from_ccache: Trying to read krb5 cache:  
FILE:/tmp/krb5cc_0
SPNEGO login failed: An internal error occurred.
session setup failed: NT_STATUS_INTERNAL_ERROR
</stop>


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: SPNEGO login failed: An internal error occurred

Samba - General mailing list
On Mon, 04 Sep 2017 14:34:41 +0200
Gregor Burck via samba <[hidden email]> wrote:

> Hi,
>
> I setup a test envirement on a dedicatet server.
>
> OS: debian stretch
> samba: 4.5.8
> smbclient: 4.5.8
>
> I set it up as DC, the provision work well, yes I've delete the  
> smb.conf in advance.
> When I test kinit I got an kerberos ticket, but I've problems with  
> smbclient either I use kerberos or password auth.
>
> Myabee someone could help me?
>
> my smb.conf:
>
> # Global parameters
> [global]
>   netbios name = MX01
>   realm = RABADANTEN.DE
>   workgroup = RABADANTEN
>   dns forwarder = 8.8.8.8
>   server role = active directory domain controller
>
> [netlogon]
>   path = /var/lib/samba/sysvol/rabadanten.de/scripts
>   read only = No
>
> [sysvol]
>   path = /var/lib/samba/sysvol
>   read only = No
>
> my krb5.conf:
>
> [libdefaults]
>   default_realm = RABADANTEN.DE
>   dns_lookup_realm = false
>   dns_lookup_kdc = true
>
> when I try with 'smbclient -L localhost -UAdministrator -d3' :
> <start>
> lp_load_ex: refreshing parameters
> Initialising global parameters
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit
> (16384) Processing section "[global]"
> added interface eth0 ip=2a02:248:2:32b3:5054:ff:fe80:7b7 bcast=  
> netmask=ffff:ffff:ffff:ffff::
> added interface eth0 ip=195.62.123.31 bcast=195.62.123.31  
> netmask=255.255.255.255
> Client started (version 4.5.8-Debian).
> Enter Administrator's password:
> resolve_lmhosts: Attempting lmhosts lookup for name localhost<0x20>
> resolve_wins: WINS server resolution selected and no WINS servers
> listed. resolve_hosts: Attempting host lookup for name localhost<0x20>
> Connecting to ::1 at port 445
> Doing spnego session setup (blob length=96)
> got OID=1.2.840.48018.1.2.2
> got OID=1.2.840.113554.1.2.2
> got OID=1.3.6.1.4.1.311.2.2.10
> got principal=not_defined_in_RFC4178@please_ignore GENSEC backend  
> 'gssapi_spnego' registered
> GENSEC backend 'gssapi_krb5' registered
> GENSEC backend 'gssapi_krb5_sasl' registered
> GENSEC backend 'spnego' registered
> GENSEC backend 'schannel' registered
> GENSEC backend 'naclrpc_as_system' registered
> GENSEC backend 'sasl-EXTERNAL' registered
> GENSEC backend 'ntlmssp' registered
> GENSEC backend 'ntlmssp_resume_ccache' registered
> GENSEC backend 'http_basic' registered
> GENSEC backend 'http_ntlm' registered
> GENSEC backend 'krb5' registered
> GENSEC backend 'fake_gssapi_krb5' registered
> Got challenge flags:
> Got NTLMSSP neg_flags=0x62898215
> NTLMSSP: Set final flags:
> Got NTLMSSP neg_flags=0x62088215
> NTLMSSP Sign/Seal - Initialising with flags:
> Got NTLMSSP neg_flags=0x62088215
> SPNEGO login failed: An internal error occurred.
> session setup failed: NT_STATUS_INTERNAL_ERROR
> </stop>
>
> with 'smbclient -L //mx01 -k -d6':
>
> <start>
> INFO: Current debug levels:
>   all: 6
>   tdb: 6
>   printdrivers: 6
>   lanman: 6
>   smb: 6
>   rpc_parse: 6
>   rpc_srv: 6
>   rpc_cli: 6
>   passdb: 6
>   sam: 6
>   auth: 6
>   winbind: 6
>   vfs: 6
>   idmap: 6
>   quota: 6
>   acls: 6
>   locking: 6
>   msdfs: 6
>   dmapi: 6
>   registry: 6
>   scavenger: 6
>   dns: 6
>   ldb: 6
>   tevent: 6
> lp_load_ex: refreshing parameters
> Initialising global parameters
> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit
> (16384) INFO: Current debug levels:
>   all: 6
>   tdb: 6
>   printdrivers: 6
>   lanman: 6
>   smb: 6
>   rpc_parse: 6
>   rpc_srv: 6
>   rpc_cli: 6
>   passdb: 6
>   sam: 6
>   auth: 6
>   winbind: 6
>   vfs: 6
>   idmap: 6
>   quota: 6
>   acls: 6
>   locking: 6
>   msdfs: 6
>   dmapi: 6
>   registry: 6
>   scavenger: 6
>   dns: 6
>   ldb: 6
>   tevent: 6
> Processing section "[global]"
> doing parameter netbios name = MX01
> doing parameter realm = RABADANTEN.DE
> doing parameter workgroup = RABADANTEN
> doing parameter dns forwarder = 8.8.8.8
> doing parameter server role = active directory domain controller
> pm_process() returned Yes
> added interface eth0 ip=2a02:248:2:32b3:5054:ff:fe80:7b7 bcast=  
> netmask=ffff:ffff:ffff:ffff::
> added interface eth0 ip=195.62.123.31 bcast=195.62.123.31  
> netmask=255.255.255.255
> Netbios name list:-
> my_netbios_names[0]="MX01"
> Client started (version 4.5.8-Debian).
> Opening cache file at /var/cache/samba/gencache.tdb
> Opening cache file at /var/run/samba/gencache_notrans.tdb
> sitename_fetch: No stored sitename for realm 'RABADANTEN.DE'
> name mx01#20 found.
> Connecting to 127.0.1.1 at port 445
> Socket options:
>   SO_KEEPALIVE = 0
>   SO_REUSEADDR = 0
>   SO_BROADCAST = 0
>   TCP_NODELAY = 1
>   TCP_KEEPCNT = 9
>   TCP_KEEPIDLE = 7200
>   TCP_KEEPINTVL = 75
>   IPTOS_LOWDELAY = 0
>   IPTOS_THROUGHPUT = 0
>   SO_REUSEPORT = 0
>   SO_SNDBUF = 2626560
>   SO_RCVBUF = 1061808
>   SO_SNDLOWAT = 1
>   SO_RCVLOWAT = 1
>   SO_SNDTIMEO = 0
>   SO_RCVTIMEO = 0
>   TCP_QUICKACK = 1
>   TCP_DEFER_ACCEPT = 0
>   session request ok
> Doing spnego session setup (blob length=96)
> got OID=1.2.840.48018.1.2.2
> got OID=1.2.840.113554.1.2.2
> got OID=1.3.6.1.4.1.311.2.2.10
> got principal=not_defined_in_RFC4178@please_ignore  
> cli_session_setup_spnego: using target hostname not SPNEGO principal
> kerberos_get_default_realm_from_ccache: Trying to read krb5 cache:  
> FILE:/tmp/krb5cc_0
> cli_session_setup_spnego: guessed server  
> principal=cifs/[hidden email] GENSEC backend 'gssapi_spnego'  
> registered
> GENSEC backend 'gssapi_krb5' registered
> GENSEC backend 'gssapi_krb5_sasl' registered
> GENSEC backend 'spnego' registered
> GENSEC backend 'schannel' registered
> GENSEC backend 'naclrpc_as_system' registered
> GENSEC backend 'sasl-EXTERNAL' registered
> GENSEC backend 'ntlmssp' registered
> GENSEC backend 'ntlmssp_resume_ccache' registered
> GENSEC backend 'http_basic' registered
> GENSEC backend 'http_ntlm' registered
> GENSEC backend 'krb5' registered
> GENSEC backend 'fake_gssapi_krb5' registered
> Starting GENSEC mechanism spnego
> Starting GENSEC submechanism gse_krb5
> kerberos_get_default_realm_from_ccache: Trying to read krb5 cache:  
> FILE:/tmp/krb5cc_0
> SPNEGO login failed: An internal error occurred.
> session setup failed: NT_STATUS_INTERNAL_ERROR
> </stop>
>
>

Can you post your /etc/hosts file

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: SPNEGO login failed: An internal error occurred

Samba - General mailing list
In reply to this post by Samba - General mailing list
What happens if you use :

smbclient -L $(hostname -f) -UAdministrator -d3 -m smb2
This works on samba 4.6.7, if it still does not work for you, you did hit one of the smbclient bugs related to smb1 protocol.


Greetz,

Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:[hidden email]] Namens
> Gregor Burck via samba
> Verzonden: maandag 4 september 2017 14:35
> Aan: [hidden email]
> Onderwerp: [Samba] SPNEGO login failed: An internal error occurred
>
> Hi,
>
> I setup a test envirement on a dedicatet server.
>
> OS: debian stretch
> samba: 4.5.8
> smbclient: 4.5.8
>
> I set it up as DC, the provision work well, yes I've delete
> the smb.conf in advance.
> When I test kinit I got an kerberos ticket, but I've problems
> with smbclient either I use kerberos or password auth.
>
> Myabee someone could help me?
>
> my smb.conf:
>
> # Global parameters
> [global]
>   netbios name = MX01
>   realm = RABADANTEN.DE
>   workgroup = RABADANTEN
>   dns forwarder = 8.8.8.8
>   server role = active directory domain controller
>
> [netlogon]
>   path = /var/lib/samba/sysvol/rabadanten.de/scripts
>   read only = No
>
> [sysvol]
>   path = /var/lib/samba/sysvol
>   read only = No
>
> my krb5.conf:
>
> [libdefaults]
>   default_realm = RABADANTEN.DE
>   dns_lookup_realm = false
>   dns_lookup_kdc = true
>
> when I try with 'smbclient -L localhost -UAdministrator -d3' :
> <start>
> lp_load_ex: refreshing parameters
> Initialising global parameters
> rlimit_max: increasing rlimit_max (1024) to minimum Windows
> limit (16384) Processing section "[global]"
> added interface eth0 ip=2a02:248:2:32b3:5054:ff:fe80:7b7 bcast=
> netmask=ffff:ffff:ffff:ffff::
> added interface eth0 ip=195.62.123.31 bcast=195.62.123.31
> netmask=255.255.255.255
> Client started (version 4.5.8-Debian).
> Enter Administrator's password:
> resolve_lmhosts: Attempting lmhosts lookup for name localhost<0x20>
> resolve_wins: WINS server resolution selected and no WINS
> servers listed.
> resolve_hosts: Attempting host lookup for name
> localhost<0x20> Connecting to ::1 at port 445 Doing spnego
> session setup (blob length=96) got OID=1.2.840.48018.1.2.2
> got OID=1.2.840.113554.1.2.2 got OID=1.3.6.1.4.1.311.2.2.10
> got principal=not_defined_in_RFC4178@please_ignore GENSEC
> backend 'gssapi_spnego' registered GENSEC backend
> 'gssapi_krb5' registered GENSEC backend 'gssapi_krb5_sasl'
> registered GENSEC backend 'spnego' registered GENSEC backend
> 'schannel' registered GENSEC backend 'naclrpc_as_system'
> registered GENSEC backend 'sasl-EXTERNAL' registered GENSEC
> backend 'ntlmssp' registered GENSEC backend
> 'ntlmssp_resume_ccache' registered GENSEC backend
> 'http_basic' registered GENSEC backend 'http_ntlm' registered
> GENSEC backend 'krb5' registered GENSEC backend
> 'fake_gssapi_krb5' registered Got challenge flags:
> Got NTLMSSP neg_flags=0x62898215
> NTLMSSP: Set final flags:
> Got NTLMSSP neg_flags=0x62088215
> NTLMSSP Sign/Seal - Initialising with flags:
> Got NTLMSSP neg_flags=0x62088215
> SPNEGO login failed: An internal error occurred.
> session setup failed: NT_STATUS_INTERNAL_ERROR </stop>
>
> with 'smbclient -L //mx01 -k -d6':
>
> <start>
> INFO: Current debug levels:
>   all: 6
>   tdb: 6
>   printdrivers: 6
>   lanman: 6
>   smb: 6
>   rpc_parse: 6
>   rpc_srv: 6
>   rpc_cli: 6
>   passdb: 6
>   sam: 6
>   auth: 6
>   winbind: 6
>   vfs: 6
>   idmap: 6
>   quota: 6
>   acls: 6
>   locking: 6
>   msdfs: 6
>   dmapi: 6
>   registry: 6
>   scavenger: 6
>   dns: 6
>   ldb: 6
>   tevent: 6
> lp_load_ex: refreshing parameters
> Initialising global parameters
> rlimit_max: increasing rlimit_max (1024) to minimum Windows
> limit (16384)
> INFO: Current debug levels:
>   all: 6
>   tdb: 6
>   printdrivers: 6
>   lanman: 6
>   smb: 6
>   rpc_parse: 6
>   rpc_srv: 6
>   rpc_cli: 6
>   passdb: 6
>   sam: 6
>   auth: 6
>   winbind: 6
>   vfs: 6
>   idmap: 6
>   quota: 6
>   acls: 6
>   locking: 6
>   msdfs: 6
>   dmapi: 6
>   registry: 6
>   scavenger: 6
>   dns: 6
>   ldb: 6
>   tevent: 6
> Processing section "[global]"
> doing parameter netbios name = MX01
> doing parameter realm = RABADANTEN.DE
> doing parameter workgroup = RABADANTEN
> doing parameter dns forwarder = 8.8.8.8
> doing parameter server role = active directory domain controller
> pm_process() returned Yes
> added interface eth0 ip=2a02:248:2:32b3:5054:ff:fe80:7b7 bcast=
> netmask=ffff:ffff:ffff:ffff::
> added interface eth0 ip=195.62.123.31 bcast=195.62.123.31
> netmask=255.255.255.255
> Netbios name list:-
> my_netbios_names[0]="MX01"
> Client started (version 4.5.8-Debian).
> Opening cache file at /var/cache/samba/gencache.tdb Opening
> cache file at /var/run/samba/gencache_notrans.tdb
> sitename_fetch: No stored sitename for realm 'RABADANTEN.DE'
> name mx01#20 found.
> Connecting to 127.0.1.1 at port 445
> Socket options:
>   SO_KEEPALIVE = 0
>   SO_REUSEADDR = 0
>   SO_BROADCAST = 0
>   TCP_NODELAY = 1
>   TCP_KEEPCNT = 9
>   TCP_KEEPIDLE = 7200
>   TCP_KEEPINTVL = 75
>   IPTOS_LOWDELAY = 0
>   IPTOS_THROUGHPUT = 0
>   SO_REUSEPORT = 0
>   SO_SNDBUF = 2626560
>   SO_RCVBUF = 1061808
>   SO_SNDLOWAT = 1
>   SO_RCVLOWAT = 1
>   SO_SNDTIMEO = 0
>   SO_RCVTIMEO = 0
>   TCP_QUICKACK = 1
>   TCP_DEFER_ACCEPT = 0
>   session request ok
> Doing spnego session setup (blob length=96) got
> OID=1.2.840.48018.1.2.2 got OID=1.2.840.113554.1.2.2 got
> OID=1.3.6.1.4.1.311.2.2.10 got
> principal=not_defined_in_RFC4178@please_ignore
> cli_session_setup_spnego: using target hostname not SPNEGO principal
> kerberos_get_default_realm_from_ccache: Trying to read krb5 cache:  
> FILE:/tmp/krb5cc_0
> cli_session_setup_spnego: guessed server
> principal=cifs/[hidden email] GENSEC backend 'gssapi_spnego'  
> registered
> GENSEC backend 'gssapi_krb5' registered
> GENSEC backend 'gssapi_krb5_sasl' registered GENSEC backend
> 'spnego' registered GENSEC backend 'schannel' registered
> GENSEC backend 'naclrpc_as_system' registered GENSEC backend
> 'sasl-EXTERNAL' registered GENSEC backend 'ntlmssp'
> registered GENSEC backend 'ntlmssp_resume_ccache' registered
> GENSEC backend 'http_basic' registered GENSEC backend
> 'http_ntlm' registered GENSEC backend 'krb5' registered
> GENSEC backend 'fake_gssapi_krb5' registered Starting GENSEC
> mechanism spnego Starting GENSEC submechanism gse_krb5
> kerberos_get_default_realm_from_ccache: Trying to read krb5 cache:  
> FILE:/tmp/krb5cc_0
> SPNEGO login failed: An internal error occurred.
> session setup failed: NT_STATUS_INTERNAL_ERROR </stop>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: SPNEGO login failed: An internal error occurred

Samba - General mailing list
In reply to this post by Samba - General mailing list
Hi,

this is the /etc/hosts:

127.0.0.1       localhost
127.0.1.1       mx01.rabadanten.de mx01

# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

and additionel the /etc/resolv.conf:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
search rabadanten.de

I test the DNS in advance:

host mx01.rabadanten.de:
mx01.rabadanten.de has address 195.62.123.31
mx01.rabadanten.de has IPv6 address 2a02:248:2:32b3:5054:ff:fe80:7b7

But I found a temp conclusion for this problem:

ldap server require strong auth = no

Then the smbclient could connect.

This work for the moment.

Thank You

Gregor


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: SPNEGO login failed: An internal error occurred

Samba - General mailing list
On Tue, 2017-09-05 at 09:26 +0200, Gregor Burck via samba wrote:
> But I found a temp conclusion for this problem:
>
> ldap server require strong auth = no
>
> Then the smbclient could connect.
>
> This work for the moment.

I'm sorry, this is totally unrelated to SMB.

What do you think that setting does?

Andrew Bartlett

--
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|

Re: SPNEGO login failed: An internal error occurred

Samba - General mailing list
In reply to this post by Samba - General mailing list
On Tue, 05 Sep 2017 09:26:48 +0200
Gregor Burck via samba <[hidden email]> wrote:

> Hi,
>
> this is the /etc/hosts:
>
> 127.0.0.1       localhost
> 127.0.1.1       mx01.rabadanten.de mx01

AHA, I thought so, the last line above should be:

195.62.123.31 mx01.rabadanten.de mx01

Remove the '127.0.1.1'

>
> # The following lines are desirable for IPv6 capable hosts
> ::1     localhost ip6-localhost ip6-loopback
> ff02::1 ip6-allnodes
> ff02::2 ip6-allrouters
>
> and additionel the /etc/resolv.conf:
>
> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by
> resolvconf(8) #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES
> WILL BE OVERWRITTEN nameserver 127.0.0.1
> search rabadanten.de

Is your DC getting its IP via DHCP ? if so change it to a fixed IP
I would also remove the 'resolvconf' package. You do not want anything
overwriting /etc/resolv.conf.
When you manually create /etc/resolv.conf, use the DCs IP instead of
'127.0.0.1'
 

>
> I test the DNS in advance:
>
> host mx01.rabadanten.de:
> mx01.rabadanten.de has address 195.62.123.31
> mx01.rabadanten.de has IPv6 address 2a02:248:2:32b3:5054:ff:fe80:7b7
>
> But I found a temp conclusion for this problem:
>
> ldap server require strong auth = no

I fail to see how this will fix a DNS problem.

Rowland


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba